
Cyberattacks used security software to cover their trail

State-sponsored hacking attempts frequently rely on specially written software, but that's a risky move. Unless it's well-made, custom code can be a giveaway as to who's responsible. Attackers are switching things up, however. Security researchers at CrowdStrike and Cymmetria have discovered that a likely cyberwarfare campaign against military-related targets in Europe and Israel used commercial security software to both cover its tracks and improve its features. Typically, the attacks would try to fool people into installing rogue Excel scripts through bogus email. If anyone fell for the ploy, the script installed malware that also grabbed parts of Core Security's defense assessment tool in its attempt to throw investigators off the scent. That's no mean feat -- Core has copy protection and digital watermarks to prevent the software from winding up in the wrong hands, so the perpetrators clearly went out of their way to use it.

So who's responsible? While the researchers aren't reaching any definite conclusions, they believe Iran is a possible culprit. The targets make sense given Iran's goals, and the country doesn't have as many resources for disguising its hacks as a superpower like China or the US; swiping off-the-shelf software would let it fast-track that work. Whoever's responsible, the findings suggest that less powerful nations can "cheat" if they want to fight digital wars against their neighbors.

[Image credit: Patrick Lux/Getty Images]
